package top.cluski.tokendemo.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import top.cluski.tokendemo.domain.ResponseResult;

@RestController
public class HelloController {

    @RequestMapping("/hello")
    @PreAuthorize("@myExpressionRoot.hasAuthority('system:test:list')")
//    @PreAuthorize("hasAnyAuthority('test', 'system:test:list')")
//    @PreAuthorize("denyAll")
    public String hello() {
        return "hello";
    }

    @RequestMapping("/testCors")
    public ResponseResult testCors() {
        return new ResponseResult(200, "testCors");
    }
}
